Michael Grafnetter
Michael Grafnetter
@deepukgithub It's almost ready, although it turned out to be more complex than it first appeared to be. Needless to say, you won't speed it up by spamming.
You can load the schema through regular LDAP. AFAIK the prefix table is only [exposed](https://msdn.microsoft.com/en-us/library/cc228418.aspx) through MS-DRSR. The schema can also be replicated through this protocol. I use a simple...
Yep, as I understand it, the prefix of that particular OID is hardcoded into ntdsa.dll (as are 30+ other prefixes) and is physically not present in the ntds.dit file. Take...
That would be nice of you. Also, if you could please add string representations of OIDs as comments.
Thanks @nielsranosch . I am aware of the AAD Graph API deprecation. There even is a Microsoft-provided PowerShell wrapper of the new MS Graph API BETA, e.g., [Get-MgUserAuthentication](https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.signins/get-mguserauthenticationmethod?view=graph-powershell-beta), although it...
Hello @yanncam , the `mail` and `pwdLastSet` attributes are indeed not retrieved by DSInternals cmdlets. The original purpose of DSInternals was the decryption of secret attributes, which are never exposed...
yanncam Good reasoning, added to my backlog.
Thanks for your feedback, @Skwerl23. I looked at the code again and the userCertificate attribute is never even read. Could you please send me a Stack Trace of that exception?
Hi @limp15000 , could you please share the stack trace of that exception? You can retrieve it using the following command: `$Error[0].Exception.StackTrace`
Hi @limp15000, this seems to be unrelated to the first error. It only says that Get-BootKey must be run under admin, as it needs to mount the registry hive.